I was having a problem on some hosts, where the Configuration backup notification could not be send - but all other notifications were being sent without a problem. The configuration backup job would just finish with a warning stating "Cannot sent e-mail report".
After checking the logs I found this two lines:
Code: Select all
[CReportMailer] Failed to send email report to <email-address>
The remote certificate is invalid according to the validation procedure. (System.Security.Authentication.AuthenticationException)
Now, please note again that all other notifications from the same Veeam Backup server were being sent without any issues even before importing the root CA. It was just notification from the configuration backup that didn't get through, due to server cert validation. So it seems that Veeam is using different code to validate mail server certs in case it's sending a configuration backup notification, from the code that is being used when sending a backup job notification, for instance. I find this quite strange.
Now, situations such as this might be rare and this might not touch many users, but I find this behavior problematic for a couple of reasons (below), so I decided to report it:
- receiving a notification when something isn't right is VERY important for any backup operation
- in this case, all other notifications are working normally, only notifications from configuration backups are not being delivered. So in case it stopped working I won't be notified. This is potentially a serious issue, since it's very easy for this to go undetected (unless you also send notifications for Success jobs and also happen to notice that you're missing a mail that you should have received).
- this mail server that I use, I use it to send emails everywhere (including Google and Microsoft servers) and I don't have any problems with delivery at all. Yes, it uses a not-publicly-trused certificate, but that works just fine with pretty much everyone
Hopefully you can fix this. That is, by making mail sending behavior consistent across the board. It doesn't necessarily have to trust mail server with untrusted anchors, but it really should always behave the same.
Cheers,
David